Need help with skf-labs?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

299 Stars 130 Forks GNU Affero General Public License v3.0 358 Commits 7 Opened issues


Repo for all the OWASP-SKF Docker lab examples

Services available


Need anything else?

Contributors list


OWASP security knowledge framework

Here we find all the labs and write-ups for the security knowledge framework!
These labs are correlated to knowledge-base id's which are on their place
again correlated to security controls such as from the ASVS or NIST, etc.

The labs are all downloadable from the following Github repository:

{% hint style="info" %} {% endhint %}

The images can also be found on the skf docker hub. These skf-labs images are automatically pushed to the docker registry on each commit to the Github repository.

Useful tools

First thing we need to do is to be able to investigate the requests that are being made by the labs/applications. We do this by setting up our intercepting proxy so we can gain more understanding of the application under test.

{% hint style="info" %} Burp suite: {% endhint %}

{% hint style="info" %} OWASP ZAP proxy: {% endhint %}

How to add a Lab & write-up

When you want to contribute and add your own labs then please make sure you use the styling template in one of the lab challenges. We think its really important to have one look and feel and for able to merge your lab its required to use the SKF template. You can copy this from any of the labs we currently already have.

For adding the write-up for the lab we advice to create a copy of on existing write-up and work from there or use the file as a base. You can store all your images in .gitbook/assets/ and also make sure you correlate your lab to one of the knowledge base item identifier in SKF. When you completed the lab and the write-up you only have to add it to the file and you are ready to create your Pull Request.

After the pull request you can find your nice styled write-up here:

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.